package com.xc.springsecurity.config;

import com.xc.springsecurity.service.MyUserDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private MyUserDetailsService myUserDetailsService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {

        auth.userDetailsService(myUserDetailsService);
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests() //开启权限配置
                .anyRequest()  //所有的请求
                .authenticated()  //进行认证
                .and()
                .formLogin()  //设置表单登录
                .loginPage("/login.html")  //设置登录页面
                .loginProcessingUrl("/doLogin")  //谁来处理登录请求
//                .defaultSuccessUrl("/index")  //成功跳转的
                .successForwardUrl("/index")
                .failureUrl("/mylogin.html") //失败跳转的
//                .failureForwardUrl("/login.html")
//                .failureHandler(new MyAuthenticationFailureHandler())
                .usernameParameter("uname")
                .passwordParameter("passwd")
                .permitAll()
                .and()
                .csrf().disable();  //关闭

    }
}
